Job Description:Provide tier two operational support, leading team efforts in resolution of incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies:
Ensuring team's adherence to SOPs, training and performance monitoring for team members, and continuous process improvement for efficiency, including automation, wherever applicable and conduct recurring assessments of all the key SOC workflows to highlight process deficiencies as well as improvement opportunities for staff.
o Malware Analysis
o SIEM (Splunk)
o Software-defined (Cloud) Network Security
o Endpoint Security Protection
o Data Loss Prevention
Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis and providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards
Execute daily security technology administration functions
Perform Root Cause Analysis (RCA) on applicable technology
Validate quality of dashboards and alerts and suggest updates to reflect new threats and changes in the monitored environment
Support the Security Operations team in its efforts on various technology projects and operational initiatives
Work as a part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats
Follow ITIL practices regarding incident, problem, and change management
Stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements
Required Qualifications
Being curious and desire to analyze anomalies
Desire and passion to learn and grow in Cybersecurity
Customer-focused demeanor
Minimum 1-3 years of proven experience in building and operating security controls in at least two of the following domains:
o Network/Perimeter Security, including Next-Gen firewalls, intrusion prevention systems, proxies, and Web Application firewalls (WAFs)
o Enterprise Endpoint (host-based) Security
o DLP and Secure Data Transmission, Storage, and Access
o Identity and Access Management / User Behavior Analytics
Understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems
SIEM management: Senior SOC Engineers must have extensive experience in managing SIEM systems, including configuring, tuning, and optimizing them for maximum efficiency.
Endpoint security: They must have a deep understanding of endpoint security solutions, including antivirus, anti-malware, and intrusion prevention systems.
Security incident handling: Senior SOC Engineers must have experience in handling security incidents, including identifying the source of the threat, containing it, and preventing further damage.
Data Loss Prevention (DLP): They must have experience in implementing and managing DLP solutions to prevent data breaches.
Threat intelligence: They must stay up-to-date with the latest security threats and trends, and use this information to improve the organization's security posture.
Team management: Senior SOC Engineers must lead and manage the security operations center team, including hiring, training, and mentoring team members.
Documentation: They must ensure that all security events, incidents, and responses are properly documented for future reference and analysis.
Collaboration: Senior SOC Engineers must work closely with other IT teams, including network engineers, system administrators, and application developers, to ensure that all systems are secure.
Continuous improvement: They must continuously evaluate and improve the organization's security posture by implementing new technologies, processes, and procedures.
Requirements for a Senior SOC Engineer typically include a bachelor's degree in computer science or a related field, along with relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH). Strong leadership skills, analytical skills, attention to detail, and the ability to work well under pressure are also essential. Ability to effectively work in a team, as well as to be an independent contributor on select projects
Preferred Qualifications
Recognized Security Industry and Public Cloud IaaS certifications
Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)
Familiarity with ITIL; experience with incident, problem, change, and risk managementQualifications:
- Provide tier two operational support, leading team efforts in resolution of incidents and outages for information security technology and its dependencies on Public and Private Cloud computing environments, shared platforms, and operating systems for more than three of the following technologies:
- Ensuring team's adherence to SOPs, training and performance monitoring for team members, and continuous process improvement for efficiency, including automation, wherever applicable and conduct recurring assessments of all the key SOC workflows to highlight process deficiencies as well as improvement opportunities for staff.
o Malware Analysis
o SIEM (Splunk)
o Software-defined (Cloud) Network Security
o Endpoint Security Protection
o Data Loss Prevention
- Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis and providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards
- Execute daily security technology administration functions
- Perform Root Cause Analysis (RCA) on applicable technology
- Validate quality of dashboards and alerts and suggest updates to reflect new threats and changes in the monitored environment
- Support the Security Operations team in its efforts on various technology projects and operational initiatives
- Work as a part of a team to ensure that Guardian customers' data, technology platforms, and infrastructure are available and safeguarded from cyber threats
- Follow ITIL practices regarding incident, problem, and change management
- Stay up to date with emerging cyber threats, industry best practices, and applicable regulatory requirements
Required Qualifications
- Being curious and desire to analyze anomalies
- Desire and passion to learn and grow in Cybersecurity
- Customer-focused demeanor
- Minimum 1-3 years of proven experience in building and operating security controls in at least two of the following domains:
o Network/Perimeter Security, including Next-Gen firewalls, intrusion prevention systems, proxies, and Web Application firewalls (WAFs)
o Enterprise Endpoint (host-based) Security
o DLP and Secure Data Transmission, Storage, and Access
o Identity and Access Management / User Behavior Analytics
- Understanding of security architecture, operating and troubleshooting principles of Microsoft Windows and Linux operating systems
- SIEM management: Senior SOC Engineers must have extensive experience in managing SIEM systems, including configuring, tuning, and optimizing them for maximum efficiency.
- Endpoint security: They must have a deep understanding of endpoint security solutions, including antivirus, anti-malware, and intrusion prevention systems.
- Security incident handling: Senior SOC Engineers must have experience in handling security incidents, including identifying the source of the threat, containing it, and preventing further damage.
- Data Loss Prevention (DLP): They must have experience in implementing and managing DLP solutions to prevent data breaches.
- Threat intelligence: They must stay up-to-date with the latest security threats and trends, and use this information to improve the organization's security posture.
- Team management: Senior SOC Engineers must lead and manage the security operations center team, including hiring, training, and mentoring team members.
- Documentation: They must ensure that all security events, incidents, and responses are properly documented for future reference and analysis.
- Collaboration: Senior SOC Engineers must work closely with other IT teams, including network engineers, system administrators, and application developers, to ensure that all systems are secure.
- Continuous improvement: They must continuously evaluate and improve the organization's security posture by implementing new technologies, processes, and procedures.
- Requirements for a Senior SOC Engineer typically include a bachelor's degree in computer science or a related field, along with relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH). Strong leadership skills, analytical skills, attention to detail, and the ability to work well under pressure are also essential. Ability to effectively work in a team, as well as to be an independent contributor on select projects
Preferred Qualifications
- Recognized Security Industry and Public Cloud IaaS certifications
- Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)
- Familiarity with ITIL; experience with incident, problem, change, and risk management
Location:
This position can be based in any of the following locations:
Chennai, Gurgaon
Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday
Top Skills
What We Do
Who we are
Guardian makes a difference in the lives of people when they need us most. With over 160 years of stability and fiscal integrity, we are a trusted resource to generations of families and business owners, inspiring well-being and helping build financial confidence.
Today, we stand behind 29 million consumers, helping them prepare and plan for a bright future for themselves and their families. We help business owners care for their employees. And we help people recover and thrive in times of unexpected loss.
As a modern mutual insurance company, we believe in driving value beyond dividends. We invest in our colleagues and are building a progressive, innovative and inclusive culture. We uplift individuals and communities through thoughtful social and environmental programs.
What we stand for
In 1860, a community of immigrants joined together to insure and protect their businesses and families. They were guided by powerful ideals that we’ve continued to stand behind and evolved throughout the years: we do the right thing, we believe people count, we courageously shape the future together, and we go above and beyond for the people we serve.
Guardian employees embrace and live by these values every day. They remind us to put people at the heart of all we do so that we can help protect what matters most to you. Want to help bring these values to life? Join us for a rewarding career and the opportunity to shape the future.
Disclosures:
Financial information concerning Guardian as of December 31, 2022, on a statutory basis: Admitted assets = $76.0 billion; liabilities = $67.2 billion (including $55.0 billion of reserves); and surplus = $8.8 billion. Dividends are not guaranteed. They are declared annually by Guardian’s Board of Directors.
Guardian® is a registered trademark of The Guardian Life Insurance Company of America. © Copyright 2023 The Guardian Life Insurance Company of America 2023-156184 Exp. 5/25